Europol took down a largest DDoS-for-hire website

IPv6 denial of service attack

According to CNET reports, on Wednesday morning, local time, Europol announced the closure of Webstresser.org, a website that was clearly listed for selling DDoS cyber attacks. According to the disclosure of the European Criminal Police, the website has a total of more than 136,000 users. As of April, it launched a total of 4 million cyber attacks.

DDoS attacks force the latter to go offline by sending a large number of requests to the target website or server. In 2016, the Dyn attack successfully allowed large sites such as Twitter, Spotify, and Reddit to be temporarily shut down. If hackers want to launch such an attack, they need a lot of equipment – usually hijacked IoT devices – but websites like Webstresser.org can directly provide such services for those who are willing to pay. This means that criminals can launch cyber attacks without requiring technical experts.

Jaap van Oss, chairman of the Joint Cyber Crime Action Task Force in the Netherlands, pointed out in a statement that “Stresser websites make powerful weapons in the hands of cybercriminals.”

The European Criminal Police stated that Webstreeser was the world’s largest DDoS service provider and that it had attacked banks, police stations, government, and gaming sites before it was destroyed. In July of last year, the seven largest banks in the UK were attacked by Webstresser and eventually forced the entire system to shut down, causing hundreds of thousands of dollars in economic losses.

According to Forbes, the Americans are the main targets and customers. In addition to defamation of the site, the police also arrested four managers of the site in the United Kingdom, Croatia, Canada, and Serbia. Other senior customers in the Netherlands, Italy, Spain, and Australia were also arrested. The site was established in the Netherlands, the United States, and Germany. The infrastructure has also been seized.